d:\nanami\LenovoData\DataUploader\Release_1G\DataUploader.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 103071233eda0d96fc0072fbaa8422cd_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 103071233eda0d96fc0072fbaa8422cd_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 103071233eda0d96fc0072fbaa8422cd_JaffaCakes118
Size: 832KB
MD5: 103071233eda0d96fc0072fbaa8422cd
SHA1: 131460c8ea5cbfc98e95d5412abe9698db059372
SHA256: e313e26bf7777ae815a30754417a7df3d76ca0bbba930469e6a535af4ad6360b
SHA512: 00b7240aa1ae91d26a9512a30287ec7eab70dad285e8219e798fccc77ffa603635a8b6caa634e2afaa3ecb6e81c2e296a8a868ddca25e4924f57844c7fe826e0
SSDEEP: 24576:4z3G1bq2VxoQoT8KBs2iwuVL8C+Kew9mo2wATZU:44/VoFmL8CRzMo8TC
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 103071233eda0d96fc0072fbaa8422cd_JaffaCakes118
Files
103071233eda0d96fc0072fbaa8422cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
e7eec2d2c9cb6691987c2d7d6057d0a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetEndOfFile
SetFilePointerEx
SetFileAttributesW
GetFileAttributesW
SetFileTime
MoveFileW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
LocalFree
GetTempPathW
WritePrivateProfileStringW
GetTempFileNameW
SetEnvironmentVariableA
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
lstrcmpW
CreateDirectoryW
GetStartupInfoA
GetFileType
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
HeapCreate
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
QueueUserWorkItem
TerminateProcess
HeapAlloc
GetFileSizeEx
SetFilePointer
GetFileTime
GetCurrentProcessId
CreateMutexA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProcessHeap
HeapFree
ReleaseMutex
CreateEventA
GlobalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTime
GetPrivateProfileStringW
GlobalLock
GlobalUnlock
MulDiv
GetVersionExW
lstrlenA
InterlockedDecrement
lstrcpyW
MultiByteToWideChar
GetModuleFileNameW
SetLastError
GetCurrentProcess
FlushInstructionCache
CompareStringW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetCurrentThreadId
WaitForMultipleObjects
DebugBreak
ResetEvent
CreateThread
InterlockedIncrement
SetEvent
CreateEventW
GetSystemTimeAsFileTime
FindFirstFileW
GetFileSize
ReadFile
FindNextFileW
FindClose
DeleteFileW
CreateFileW
WriteFile
lstrlenW
WideCharToMultiByte
CloseHandle
GetLastError
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
WaitForSingleObject
ExitProcess
user32
ReleaseDC
DestroyWindow
UnregisterClassA
GetMenuItemInfoW
GetDC
CloseClipboard
GetClipboardData
GetPropW
SetPropW
RegisterClipboardFormatW
CreateWindowExW
GetClientRect
SetWindowLongW
GetWindowLongW
EndPaint
BeginPaint
DefWindowProcW
PeekMessageW
TranslateMessage
DispatchMessageW
SetRectEmpty
SetTimer
GetClassInfoExW
LoadCursorW
RemovePropW
RegisterClassExW
SetMenuItemInfoW
RedrawWindow
IsWindowVisible
ShowWindow
GetSysColor
MessageBeep
SetClipboardData
GetKeyState
GetFocus
RegisterWindowMessageW
EnableMenuItem
PostQuitMessage
ScrollWindowEx
SetScrollPos
GetScrollInfo
SetScrollInfo
DrawFocusRect
CreateDialogParamW
CharNextW
GetClassNameW
DrawEdge
GetMessagePos
GetWindowDC
DialogBoxParamW
InvalidateRgn
IsChild
DestroyAcceleratorTable
CreateAcceleratorTableW
GetActiveWindow
IsIconic
GetMenuItemID
GetMessageW
FindWindowW
AllowSetForegroundWindow
IsRectEmpty
GetScrollPos
CopyRect
MsgWaitForMultipleObjects
FillRect
DrawIconEx
EndDialog
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetMenu
MoveWindow
SetWindowPos
GetWindowRect
ScreenToClient
GetParent
GetDlgItem
SendMessageW
AdjustWindowRectEx
SetWindowRgn
IsWindow
MapWindowPoints
SystemParametersInfoW
GetWindow
DrawTextW
GetDesktopWindow
OffsetRect
SetRect
LoadImageW
GetSystemMetrics
PostMessageW
ValidateRect
SetFocus
MessageBoxW
OpenClipboard
LoadMenuW
GetMonitorInfoW
MonitorFromPoint
EnableWindow
DestroyMenu
InflateRect
SetMenuDefaultItem
TrackPopupMenu
GetSubMenu
SetForegroundWindow
GetCursorPos
ClientToScreen
UpdateWindow
InvalidateRect
KillTimer
IsWindowEnabled
SetCapture
GetDlgCtrlID
SetCursor
GetCapture
DestroyIcon
LoadStringW
PtInRect
ReleaseCapture
CallWindowProcW
gdi32
GetObjectW
SetViewportOrgEx
CreateFontIndirectW
BitBlt
ExtTextOutW
SetBkColor
RoundRect
CreateRectRgnIndirect
CreatePen
CombineRgn
LineTo
GetClipBox
Rectangle
PatBlt
CreatePatternBrush
CreateBitmap
GetDeviceCaps
SetDCPenColor
CreateRectRgn
ExcludeClipRect
GetTextMetricsW
SetPixelFormat
ChoosePixelFormat
SwapBuffers
GetDIBits
DeleteObject
DeleteDC
StretchDIBits
SetStretchBltMode
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
SetTextColor
SetBkMode
SelectClipRgn
CreateRoundRectRgn
CreateSolidBrush
FillRgn
MoveToEx
GetTextExtentPoint32W
advapi32
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
CredEnumerateW
CredReadW
CredFree
CredDeleteW
CredWriteW
RegDeleteValueW
shell32
SHParseDisplayName
SHFileOperationW
SHPathPrepareForWriteA
SHGetFolderPathA
SHPathPrepareForWriteW
SHGetFolderPathW
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetDesktopFolder
DragQueryFileW
Shell_NotifyIconW
SHGetSettings
ord153
ord19
ole32
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
RegisterDragDrop
DoDragDrop
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CreateStreamOnHGlobal
oleaut32
SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
VariantInit
VariantClear
OleCreateFontIndirect
SysAllocString
LoadTypeLi
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VarUI4FromStr
SysAllocStringLen
SysStringLen
LoadRegTypeLi
SysFreeString
shlwapi
PathRemoveBackslashA
PathIsRootW
PathGetDriveNumberW
StrFromTimeIntervalW
PathRemoveFileSpecW
PathAddBackslashW
PathRemoveExtensionW
PathFindExtensionW
PathFileExistsW
StrFormatKBSizeW
StrFormatByteSizeW
PathIsDirectoryW
PathFindFileNameW
PathRemoveBackslashW
PathRenameExtensionW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_Destroy
ImageList_GetIconSize
msimg32
AlphaBlend
GradientFill
opengl32
glIsTexture
glDeleteTextures
glViewport
wglCreateContext
wglMakeCurrent
wglDeleteContext
glLoadIdentity
glMatrixMode
glBlendFunc
glEnable
glTexImage2D
glTexParameteri
glBindTexture
glGenTextures
glPopMatrix
glEnd
glVertex3f
glTexCoord2f
glBegin
glRotatef
glTranslatef
glPushMatrix
glColor4f
glClear
glClearColor
glFlush
glu32
gluPerspective
gluLookAt
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
gdiplus
GdipDrawPolygon
GdipDrawLine
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipCreateLineBrushI
GdipFillPolygon
GdipDrawLineI
GdipSetSmoothingMode
GdipDeletePen
GdipCreatePen1
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipSetCompositingMode
GdipSetImageAttributesGamma
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdiplusShutdown
GdipCloneBrush
GdipCreateHBITMAPFromBitmap
GdipDeleteBrush
GdipCreateFromHDC
winhttp
WinHttpReadData
WinHttpReceiveResponse
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpQueryHeaders
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSetStatusCallback
WinHttpCloseHandle
WinHttpSetTimeouts
WinHttpOpen
WinHttpAddRequestHeaders
crypt32
CryptUnprotectData
CryptProtectData
Sections
.text Size: 536KB - Virtual size: 535KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.hhqg Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE